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In the Claims: 

Please cancel claims 5, 19, 30, 38 and 46 without prejudice or dedication. 
Please amend the claims as indicated below: 

1 . (currently amended) A method of implementing multicast security in a given multicast 
domain, the given multicast domain having one or more network devices, the method 
comprising: 

receiving multicast traffic that is encrypted with a global key, the global key being 
available to the given multicast domain and one or more other multicast domains; 

decrypting the received multicast traffic with the global key to produce decrypted 
multicast traffic; 

encrypting the decrypted multicast traffic with a local key to produce local encrypted 
multicast traffic, the local key being available only t o the given multicast domain; and 

forwarding the local encrypted multicast traffic to the one or more network devices in the 
given multicast domain, 

2. (original) The method according to claim 1, further comprising: 

receiving a global key message that identifies the global key. 

3. (original) The method according to claim 1 wherein the local encrypted multicast traffic is 
forwarded to all of the network devices in the given multicast domain. 

4. (original) The method according to claim 1 wherein the local encrypted multicast traffic is 
forwarded to a subset of the network devices in the given multicast domain, the subset of 
network devices being identified in a multicast message. 
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5. (cancelled ) 

6. (original) The method according to claim 1 wherein the given multicast domain is a protocol 
independent multicast domain. 

7. (original) The method according to claim 1 wherein the given multicast domain is a group of 
contiguous protocol independent multicast domains. 

8. (original) The method according to claim 1 wherein the given multicast domain is part of a 
Multicast Source Discovery Protocol backbone. 

9* (currently amended) The method according to clai m 1 - , further A moth<*i nf tmplgmentinft 
multicast security in a given multicast domain, the m e thod comprising; 

rec e iving multicast traffio that is encrypted with a global k e y, tho global key being 
availabl e to th e giv e n multicast domain and one or more other multicast domains; 
■ .. determining whether that the given multicast domain contains no network devices 

interested in the received multicast traffic; and 

in the event that the given multicast sending a terminate message to no longer forward the 
received multicast traffic to the given multicast domain. 

1 0. (original) The method according to claim 9, further comprising: 
receiving a global key message that identifies the global key. 

1 1 . (original) The method according to claim 9, further comprising: 

determining, after having sent the terminate message, that the given multicast domain 
contains one or more network devices interested in the received multicast traffic; and 

sending a resume message to once again forward the received multicast traffic to the 
given multicast domain. 
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12. (original) The method according to claim 9 wherein the given multicast domain is a protocol 
independent multicast domain. 

13. (original) The method according to claim 9 wherein the given multicast domain is a group of 
contiguous protocol independent multicast domains. 

14. (original) The method according to claim 9 wherein the given multicast domain is part of a 
Multicast Source Discovery Protocol backbone. 

15. (currently amended) A method of implementing multicast security in a network, the method 
comprising: 

encrypting multicast traffic with a global key, the global key being available to a given 
multicast domain and one or more other multicast domains; 

forwarding the global encrypted multicast traffic to the given multicast domain; 

receiving the global encrypted multicast traffic at the given multicast domain; 

decrypting, at the given multicast domain, the global encrypted multicast traffic with 
the global key to produce decrypted multicast traffic; 

encrypting, at the given multicast domain, the decrypted multicast traffic with a local 
key to produce local encrypted multicast traffic, the local key being available only t o the given 
multicast domain; and 

forwarding the local encrypted multicast traffic to one or more network devices in the 
given multicast domain. 

16. (original) The method according to claim 15, further comprising: 

receiving at the given multicast domain a global key message that identifies the global 

key. 

17. (original) The method according to claim 1 5 wherein the local encrypted multicast traffic is 
forwarded to all of the network devices in the given multicast domain. 
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18. (original) The method according to claim 1 5 wherein the local encrypted multicast traffic is 
forwarded to a subset of the network devices in the given multicast domain, the subset of 
network devices being identified in a multicast message. 

19. (cancelled) 

20. (original)The method according to claim 1 5 wherein the given multicast domain is a protocol 
independent multicast domain. 

21. (original) The method according to claim 15 wherein the given multicast domain is a group 
of contiguous protocol independent multicast domains. 

22. (original) The method according to claim 1 5 wherein the given multicast domain is part of a 
Multicast Source Discovery Protocol backbone. 

23. (currently amended) The method according to claim 15. further A method of implementing 
multicast s e curity in a giv e n multicast domain, the method comprising: 

receiving multionat traffic that is encrypted with a global key, th e global koy being 
availabl e to th e given multicast domain and one or more other multicast domains; 

constructing, in response to the received multicast traffic, an information message that 
alerts other multicast domains of the security capabilities of the given multicast domain; and 

forwarding the information message to at least one other multicast domain. 

24. (original) The method according to claim 23 wherein the information message is a part of a 
multicast protocol message, 

25. (original) The method according to claim 24 wherein one or more bits in one or more fields 
of the multicast protocol message are set to alert other multicast domains of the security 
capabilities of the given multicast domain. 
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26. (currently amended) An apparatus for implementing multicast security in a given multicast 
domain, the given multicast domain having one or more network devices, the apparatus 
comprising: 

a receiver for receiving multicast traffic that is encrypted with a global key, the global key 
being available to the given multicast domain and one or more other multicast domains; 

a decryptor for decrypting the received multicast traffic with the global key to produce 
decrypted multicast traffic; 

an encryptor for encrypting the decrypted multicast traffic with a local key to produce 
local encrypted multicast traffic, the local key being available only t o the given multicast domain; 
and 

a traffic forwarder for forwarding the local encrypted multicast traffic to the one or more 
network devices in the given multicast domain. 

27, (originaiyrhe apparatus according to claim 26, further comprising: 

a second receiver for receiving a global key message that identifies the global key. 

28* (original) The apparatus according to claim 26 wherein the local encrypted multicast traffic is 
forwarded to all of the network devices in the given multicast domain. 

29. (original) The apparatus according to claim 26 wherein the local encrypted multicast traffic is 
forwarded to a subset of the network devices in the given multicast domain, the subset of 
network devices being identified in a multicast message. 

30. (cancelled) 

31. (original) The apparatus according to claim 26 wherein the given multicast domain is a 
protocol independent multicast domain. 

32. (original) The apparatus according to claim 26 wherein the given multicast domain is a group 
of contiguous protocol independent multicast domains. 



PAGE 6/19 ^ RCVD AT 1/27/2005 1 1:57:25 AM [Eastern Standard Time] * SVR:USPT0-EFXRF-1/2 * DN!S:8729306 * CSID:617 641 9620 * DURATION (mm-ss):07-50 



" FROM : Dave Dagg & Stacey Sacks 



FAX NO. : 617 641 9620 



Jan. 27 2005 12:04PM P7 



Serial No. 09/474,203 - 7 - Art Unit: 21 35 

33. (original) The method according to claim 26 wherein the given multicast domain is part of a 
Multicast Source Discovery Protocol backbone. 

34. (currently amended) A computer program product for implementing multicast security in a 
given multicast domain, the given multicast domain having one or more network devices, the 
computer program product comprising a computer usable medium having computer readable 
program code thereon, the computer program code including: 

program code for receiving multicast traffic that is encrypted with a global key, the global 
key being available to the given multicast domain and one or more other multicast domains; 

program code for decrypting the received multicast traffic with the global key to produce 
decrypted multicast traffic; 

program code for encrypting the decrypted multicast traffic with a local key to produce 
local encrypted multicast traffic, the local key being available only t o the given multicast domain; 
and 

program code for forwarding the local encrypted multicast traffic to the one or more 
network devices in the given multicast domain. 

35. (original) The computer program product according to claim 34, further comprising: 
program code for receiving a message that identifies the global key. 

36. (original) The computer program code to claim 34 wherein the local encrypted multicast 
traffic is forwarded to all of the network devices in the given multicast domain. 

37- (original) The computer program code according to claim 34 wherein the local encrypted 
multicast traffic is forwarded to a subset of the network devices in the given multicast domain, 
the subset of network devices being identified in a multicast message. 

38. (cancelled) 
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39. (original) The computer program code according to claim 34 wherein the given multicast 
domain is a protocol independent multicast domain. 

40. (original) The computer program code according to claim 34 wherein the given multicast 
domain is a group of contiguous protocol independent multicast domains. 

41. (original) The method according to claim 34 wherein the given multicast domain is part of a 
Multicast Source Discovery Protocol backbone. 

42. (currently amended) An apparatus for implementing multicast security in a network, the 
apparatus comprising: 

means for encrypting multicast traffic with a global key, the global key being available to 
a given multicast domain and one or more other multicast domains; 

means for forwarding the global encrypted multicast traffic to the given multicast domain; 

means for receiving the global encrypted multicast traffic at the given multicast domain; 

means for decrypting, at the given multicast domain, the global encrypted multicast traffic 
with the global key to produce decrypted multicast traffic; 

means for encrypting, at the given multicast domain, the decrypted multicast traffic with a 
local key to produce local encrypted multicast traffic, the local key being available only t o the 
given multicast domain; and 

means for forwarding the local encrypted multicast traffic to one or more network devices 
in the given multicast domain. 

43. (original) The apparatus according to claim 42, further comprising: 

means for receiving at the given multicast domain a global key message that identifies the global 
key, 

44* (original) The apparatus according to claim 42 wherein the local encrypted multicast traffic is 
forwarded to all of the network devices in the given multicast domain. 
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45. (original) The apparatus according to claim 42 wherein the local encrypted multicast traffic is 
forwarded to a subset of the network devices in the given multicast domain, the subset of 
network devices being identified in a multicast message. 

46. (cancelled) 

47. (original) The apparatus according to claim 42 wherein the given multicast domain is a 
protocol independent multicast domain. 

48. (original) The apparatus according to claim 42 wherein the given multicast domain is a group 
of contiguous protocol independent multicast domains. 

49. (original) The method according to claim 42 wherein the given multicast domain is part of a 
Multicast Source Discovery Protocol backbone. 
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